import re

def fingerprint_sql(sql):
    # 移除数字、字符串常量
    sql = re.sub(r'\d+', '?', sql)
    sql = re.sub(r"'[^']*'", "'?'", sql)
    sql = re.sub(r'"[^"]*"', '"?"', sql)
    return sql.strip().lower()

# 示例
# "SELECT * FROM users WHERE id = 123" → "select * from users where id = ?"